Microsoft Microsoft Office 2016
123 CVEs affecting Microsoft Microsoft Office 2016. Latest disclosed: 2026-05-12. Critical: 1, High: 98.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-21413 | Critical | 9.8 | 2024-02-13 | Microsoft Outlook Remote Code Execution Vulnerability |
CVE-2024-38021 | High | 8.8 | 2024-07-09 | Microsoft Outlook Remote Code Execution Vulnerability |
CVE-2022-34717 | High | 8.8 | 2022-08-09 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2022-21840 | High | 8.8 | 2022-01-11 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2021-28455 | High | 8.8 | 2021-05-11 | Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability |
CVE-2026-40363 | High | 8.4 | 2026-05-12 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-40358 | High | 8.4 | 2026-05-12 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-32190 | High | 8.4 | 2026-04-14 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-26110 | High | 8.4 | 2026-03-10 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-26113 | High | 8.4 | 2026-03-10 | Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-20952 | High | 8.4 | 2026-01-13 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-20953 | High | 8.4 | 2026-01-13 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-62557 | High | 8.4 | 2025-12-09 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-62554 | High | 8.4 | 2025-12-09 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-54910 | High | 8.4 | 2025-09-09 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-53740 | High | 8.4 | 2025-08-12 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-53731 | High | 8.4 | 2025-08-12 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-49697 | High | 8.4 | 2025-07-08 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-49696 | High | 8.4 | 2025-07-08 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-49695 | High | 8.4 | 2025-07-08 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |